
RE: AD review of draft-ietf-radext-management-authorization-05.txt



Juergen Schoenwaelder writes...

> However, it points out something else: the document sometimes talks
> about authentication and sometimes it talks about integrity protection.

Does it?  The few instances of the word "authentication" in the draft do not
reference the provisioning of protected management services.  RADIUS is all
about authentication and authorization.  However, this draft really only
talks about authorization.

Integrity protection, as used here, is *not* the same as authentication, as
used in SNMP.  Integrity protection requires the sharing of cryptographic
keys, but it does not require authenticated principals.  Integrity
protection could be used, for example, with anonymous Diffie-Hellman key
agreement.  In SNMP the proof of identity of the principals (authentication)
is conflated with tamper-resistance of the protected messages (integrity).
In this document we assume that integrity protection and authentication are
separate concerns.  Authentication is part of the base RADIUS protocol.

In SNMP we have auth and noAuth, as well as priv and noPriv.  There is no
analog to auth or noAuth in this document.  In the ISMS RADIUS Usage
document, we specifically call that out.  Perhaps it would improve that
document to include the text above about separation of authentication from
integrity.

I think we need to be careful not to apply the SNMP model too closely here,
because while SNMP is an important use case, this document is intended to be
more general than just the SNMP usages.
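The separation argued above, as an added illustration that is not part of the original message or of the draft: two endpoints run anonymous Diffie-Hellman, derive a MAC key, and get tamper-evident messages, yet at no point is either party tied to a principal.  The group parameters, the sample message and all function names are constructed for this example.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for illustration only:
# p = 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 5


def dh_keypair():
    """Anonymous DH: a fresh private exponent and its public value.
    Nothing here names or proves who generated it."""
    x = secrets.randbelow(P - 2) + 2
    return x, pow(G, x, P)


def dh_shared_key(priv, peer_pub):
    """Derive a MAC key from the shared secret.  The peer is whoever
    holds the matching exponent; no identity is established."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def protect(key, msg):
    """Integrity tag over the message under the agreed key."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify(key, msg, tag):
    """True only if msg is unmodified since it was tagged with key."""
    return hmac.compare_digest(protect(key, msg), tag)


def anonymous_session():
    """Two unnamed endpoints agree a key, then exchange one protected
    message.  Integrity holds; authentication never happened."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    k_a = dh_shared_key(a_priv, b_pub)
    k_b = dh_shared_key(b_priv, a_pub)
    assert k_a == k_b  # both sides hold the same key
    msg = b"Access-Request: NAS-Identifier=nas1"  # constructed sample
    tag = protect(k_a, msg)
    return {
        "intact": verify(k_b, msg, tag),
        "tampered": verify(k_b, msg.replace(b"nas1", b"nas2"), tag),
    }
```

A RADIUS-style proof of who the user or NAS is would have to come from a separate step; nothing in the key agreement above supplies it.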



archive: <http://psg.com/lists/radiusext/>